Jon Kennedy,
Nanty Glo Home Page webmaster and owner, is a former teen and campus minister.
He began his journalism career as teen columnist for the Nanty Glo Journal
and its sister weekly newspapers from 1957 to '62 and became the Journal's
third editor in 1962 at age 20. He has edited other newspapers and magazines,
and more recently, webzines, ever since. His articles have appeared in the Los
Angeles Times, Detroit Free Press, Cleveland Plain-Dealer, Christianity
Today, and many other publications. His Jonals appear here on Mondays, Wednesdays,
and Fridays.Complete
index of Jon Kennedy's Jonal articles

System recovery

Jonal entry 986 | Monday, May
29 2006

It has taken fully a week to recover from a spyware virus attack on
my computer Sunday evening, May 21. Though I've downloaded hundreds
of infected emails over the past year with none of them infecting my
system, this one probably got in through a self-executing application
on a popup web page that opened in the background while I was using
the computer over the weekend.

I had traveled to Southern California with my son Mike and his fiance,
Tracey, to attend their engagement party at Tracey's parents' home in
Simi Valley, near Los Angeles. I was staying at a motel with free wireless
Internet service and had rejoiced in this first opportunity to use such
a service with my laptop, after having seen it advertised by motels
for several years. (I had previously used pay
wireless Internet at Starbucks locations, but not ones that come with
the price of a room at a motel.) My personal laptop has a plug-in wireless
receiver (rather that a built-in one), possibly indicating that its
security firewall is less reliable than the built-in wireless in the
laptop I use for my employment. When I tried to connect at the motel,
I had a popup saying that it was blocked from connecting by the firewall,
with a box to click to disable the firewall. I did. There was no evidence
of the attack the first night or even the second on the road, but as
soon as I reconnected my computer on the wired highspeed connection
back at home Sunday evening, I started getting popup warnings from the
Microsoft system that it was under attack.

It was already too late. I quickly ran Pest Patrol, which almost immediately
found the main culprit, a spyware trojan called CWS, which stands for
"Cool Web Sites." Yeah, right. And the trojan, which (like
spyware in general) gets in through websites that have been hijacked
by the perpetrator of the trojan, was quickly importing other viruses.
Pest Patrol eventually found six viruses, and eliminated all of them,
but could not eliminate CWS itself. And not only would CWS quickly reimport
other viruses if I kept using the computer to go onto the Internet,
it directly attacked Internet Explorer (my browser) making it impossible
to use for anything other than the web sites "it" wanted me
to visit. I knew, of course, better than do that.

When Pest Patrol proved not up to the task I used my work computer,
as my own was useless at this point, to download a virus eliminating
tool that spent a lot more time looking than Pest Patrol had, and rather
than a half dozen infections found some 330 infected files in my C drive.
I kept working at it through the week, making progress but not eliminating
the main culprit, CWS. When I met son Mike on Friday for coffee, he
said he'd had the same trojan attack and had had to reinstall his system
software. I looked for the system disks that came with my laptop and
finally found them and used them to reformat my C drive and reinstall
the Microsoft Operating System.

This finally got rid of CWS late on Friday. But now I had lost some
of my vital software and many of the dozens of minor conveniences we
add to our systems and take for granted after we've used them for a
while, like favorites lists for the web sites you use constantly. So
over the weekend I continued to restore my system by restoring software
like my web page design application, the application that lets me publish
pages to the web, and other items.

I'm sharing this because I remember how helpful I found it to read
David Caldwell's accounts of his virus problems when he was a regular
contributor to this forum. The main difference now is that attacks are
mainly through spyware, which are web pages, rather than viruses contained
in email. There's no guarantee you won't catch a spyware trojan through
web pages, but auto-launch virus protection and a firewall (which you
can get free from Microsoft if you have a legal XP operating system)
stops most of them from getting into your system...if you don't disable
them as I did a week ago Friday.

Holiday greetings

Well...here we are at the beginning of another summer vacation. Best
wishes for the Memorial Day holiday and especially thanks and a toast
to all our military service men and women who are serving or have served
us in peacetime or in wars.

Thought for today

The Nanty Glo Home Page and all its departments are for and by
the whole Blacklick Valley community. Your feedback and written or artistic contributions,
also notification about access problems, are welcomed. Click here to reply.

Suitable letters to the Home Page will be considered for
publication in the Forum departments unless they are specifically labeled “Not
for Publication.”